In a variety of Support scenarios, it is usually necessary to take a network trace and observe communication from client to virtual server. In many scenarios, the communication is encrypted with SSL, and because of client security regulations it is not always possible to share the Private key (to decrypt the SSL traffic). With this procedure, you only need the session keys and not the original Private key to decrypt the network traffic.

So this is what you need perform this action:

Wireshark

SSL encrypted virtual server

Private key

1. Start a trace and save it somewhere…

2. Download Wireshark and open your trace:
As you see here, all trafic in encrypted (SSL)

The SSL traffic should be decrypted by now and evrything will be displayed in open text…

4. Export the Session Keys to let a thrid-party have access to the data included in the network trace, without sharing the Private Key with anyone (for security reasons)
In Wireshark, select File > ExportSSLSessionKeys,
and save the file somewhere… You should now have a file with “RSA Session-ID: [string of characters] Master-Key: [string of characters]”. This file can be used to decrypt the trace, in place of the private key.

5. Open another Wireshark session, and attempt to use the Session keys you just exported to decrypt the same trace (session).
In Wireshark, select Edit > Preferences > Protocols > SSL > (Pre)-Master-Secret logfilenameand select the exported Session Keys and You’ll now have visibility of the same decrypted traffic, without using the Private key directly.